Work around problems on some CI targets.

tests/integration/targets/lookup_gpg_fingerprint/meta/main.yml

@@ -4,5 +4,6 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 
 dependencies:
+  - prepare_jinja2_compat
   - setup_remote_tmp_dir
   - setup_gnupg

tests/integration/targets/lookup_gpg_fingerprint/tasks/main.yml

@@ -3,55 +3,58 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
-- name: Create GPG key
-  ansible.builtin.command:
-    cmd: gpg --homedir "{{ remote_tmp_dir }}" --batch --generate-key
-    stdin: |
-      %echo Generating a basic OpenPGP key
-      %no-ask-passphrase
-      %no-protection
-      Key-Type: RSA
-      Key-Length: 4096
-      Name-Real: Foo Bar
-      Name-Email: [email protected]
-      Expire-Date: 0
-      %commit
-      %echo done
-  register: result
-
-- name: Extract fingerprint
-  ansible.builtin.shell: gpg --homedir "{{ remote_tmp_dir }}" --with-colons --fingerprint [email protected] | grep '^fpr:'
-  register: fingerprints
-
-- name: Show fingerprints
-  ansible.builtin.debug:
-    msg: "{{ fingerprints.stdout_lines | map('split', ':') }}"
-
-- name: Export public key
-  ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export --armor [email protected]
-  register: public_key
-
-- name: Export private key
-  ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export-secret-key --armor [email protected]
-  register: private_key
-
-- name: Write public key to disk
-  ansible.builtin.copy:
-    dest: "{{ remote_tmp_dir }}/public-key"
-    content: "{{ public_key.stdout }}"
-
-- name: Write private key to disk
-  ansible.builtin.copy:
-    dest: "{{ remote_tmp_dir }}/private-key"
-    content: "{{ private_key.stdout }}"
-
-- name: Gather fingerprints
-  ansible.builtin.set_fact:
-    public_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/public-key') }}"
-    private_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/private-key') }}"
-
-- name: Check whether fingerprints match
-  ansible.builtin.assert:
-    that:
-      - public_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9]
-      - private_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9]
+- name: Run tests if GPG is available
+  when: has_gnupg
+  block:
+    - name: Create GPG key
+      ansible.builtin.command:
+        cmd: gpg --homedir "{{ remote_tmp_dir }}" --batch --generate-key
+        stdin: |
+          %echo Generating a basic OpenPGP key
+          %no-ask-passphrase
+          %no-protection
+          Key-Type: RSA
+          Key-Length: 4096
+          Name-Real: Foo Bar
+          Name-Email: [email protected]
+          Expire-Date: 0
+          %commit
+          %echo done
+      register: result
+
+    - name: Extract fingerprint
+      ansible.builtin.shell: gpg --homedir "{{ remote_tmp_dir }}" --with-colons --fingerprint [email protected] | grep '^fpr:'
+      register: fingerprints
+
+    - name: Show fingerprints
+      ansible.builtin.debug:
+        msg: "{{ fingerprints.stdout_lines | map('split', ':') | list }}"
+
+    - name: Export public key
+      ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export --armor [email protected]
+      register: public_key
+
+    - name: Export private key
+      ansible.builtin.command: gpg --homedir "{{ remote_tmp_dir }}" --export-secret-key --armor [email protected]
+      register: private_key
+
+    - name: Write public key to disk
+      ansible.builtin.copy:
+        dest: "{{ remote_tmp_dir }}/public-key"
+        content: "{{ public_key.stdout }}"
+
+    - name: Write private key to disk
+      ansible.builtin.copy:
+        dest: "{{ remote_tmp_dir }}/private-key"
+        content: "{{ private_key.stdout }}"
+
+    - name: Gather fingerprints
+      ansible.builtin.set_fact:
+        public_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/public-key') }}"
+        private_key_fingerprint: "{{ lookup('community.crypto.gpg_fingerprint', remote_tmp_dir ~ '/private-key') }}"
+
+    - name: Check whether fingerprints match
+      ansible.builtin.assert:
+        that:
+          - public_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9]
+          - private_key_fingerprint == (fingerprints.stdout_lines[0] | split(':'))[9]

tests/integration/targets/prepare_jinja2_compat/filter_plugins/ansible_compatibility.py

@@ -0,0 +1,20 @@
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+
+# Added in ansible-core 2.11
+def compatibility_split_filter(text, by_what):
+    return text.split(by_what)
+
+
+class FilterModule:
+    ''' Jinja2 compat filters '''
+
+    def filters(self):
+        return {
+            'split': compatibility_split_filter,
+        }

tests/integration/targets/setup_gnupg/tasks/main.yml

@@ -3,11 +3,22 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+- name: Print distribution specific data
+  ansible.builtin.debug:
+    msg: |
+      Distribution: {{ ansible_facts.distribution }}
+      Distribution version: {{ ansible_facts.distribution_version }}
+      Distribution major version: {{ ansible_facts.distribution_major_version }}
+      OS family: {{ ansible_facts.os_family }}
+
 - name: Include distribution specific variables
   ansible.builtin.include_vars: '{{ lookup("ansible.builtin.first_found", params) }}'
   vars:
     params:
       files:
+        - '{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_version }}.yml'
+        - '{{ ansible_facts.distribution }}-{{ ansible_facts.distribution_major_version }}.yml'
+        - '{{ ansible_facts.distribution }}.yml'
         - '{{ ansible_facts.os_family }}.yml'
         - default.yml
       paths:
@@ -16,3 +27,4 @@
 - name: Install GnuPG
   ansible.builtin.package:
     name: '{{ gnupg_package_name }}'
+  when: has_gnupg

tests/integration/targets/setup_gnupg/vars/Alpine.yml

@@ -3,4 +3,6 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+# Alpine 3.12 should have GnuPG, but for some reason installing it fails...
+has_gnupg: "{{ ansible_facts.distribution_version is version('3.13', '>=') }}"
 gnupg_package_name: gpg

tests/integration/targets/setup_gnupg/vars/CentOS-6.yml

@@ -0,0 +1,7 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+has_gnupg: false
+# The GnuPG version included with CentOS 6 is too old, it doesn't understand --generate-key

tests/integration/targets/setup_gnupg/vars/Darwin.yml

@@ -0,0 +1,7 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# TODO Homebrew currently isn't happy when running as root, so assume we don't have GnuPG
+has_gnupg: false

tests/integration/targets/setup_gnupg/vars/RedHat.yml

@@ -3,4 +3,5 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+has_gnupg: true
 gnupg_package_name: gnupg2

tests/integration/targets/setup_gnupg/vars/default.yml

@@ -3,4 +3,5 @@
 # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 # SPDX-License-Identifier: GPL-3.0-or-later
 
+has_gnupg: true
 gnupg_package_name: gnupg